Will cloud leave legacy ERP behind?
- By Patrick Thibodeau
With today's big data, business analytics and AI applications optimized for the cloud, government agencies will see their on-premises legacy IT business systems age even faster.
The big enterprise resource planning (ERP) vendors -- the primary suppliers of business and human resources applications to government -- are slowly moving their on-premise system users to the cloud, but they pledge continued support for existing clients. Users will get support for years and even decades, they say, but possibly on different support tiers. Unfortunately, long-term support guarantees will offer little comfort if cloud platforms outstrip the legacy systems in performance and innovation.
The capabilities of on-premise systems simply cannot keep pace with cloud-based options,” said Yvette Cameron, senior vice president of strategy and corporate development at SAP SuccessFactors, a human capital management services provider. On-premise customers are “going to feel left behind over time,” she said.
Cameron’s view is broadly shared -- not only by tech vendors, but also in the White House. Jared Kushner, a White House senior advisor, recently told an assembly of tech leaders that the government believes a “vast majority” of government systems “can be consolidated and migrated to the cloud,” according to a government report of the meeting.
Indeed, the General Services Administration sees vendor support dates as a stick to help push agencies to cloud platforms and shared services.
“We believe recent announcements to end premier support for key vendor ERP systems will continue to motivate agency IT modernization initiatives and be more cost effective governmentwide in the long run,” a GSA spokesperson said in a written statement. “Cloud computing has already proven itself as a viable model for ubiquitous, on-demand access to configurable computing resources.”
Federal agencies are already shifting productivity, collaboration and infrastructure services to clouds provided by Microsoft, Google, Amazon and other vendors. But moving core business applications, like those that run finance and HR, will be a much harder job.
Years of customizations are keeping these agencies from updating their business systems, said Ann Dunkin, who was the CIO of the Environmental Protection Agency until January and is now CIO of Santa Clara County in San Jose, Calif.
“You have some agencies that are really stranded on quite old versions of software,” Dunkin said in an interview. These agencies “have painted themselves into a corner by doing a bunch of customizations,” she added.
Dunkin said EPA learned not to customize software, otherwise “when the new release comes out you have to test or rewrite every one of your customizations to go to the next level.”
With some systems so far behind, certain agencies may not bother moving them to the cloud, said Dunkin. “On the other hand,” she said, “eventually functionality and security become a problem, and people have to figure out how to move.”
There are ways to work with customizations, Dunkin said. EPA worked to remove customizations that can be replaced with a standard software solution, she said; often the software had evolved so that the original customization was no longer needed. Sometimes, however, customizations came about because the agency didn’t want to change its business process -- Dunkin said she and her team quickly realized they needed to stop doing that.
Truly unique requirements do crop up, however. An example at the EPA was Superfund accounting, which does things that standard software packages don’t do.
The Superfund fix involved building custom code outside the core system that shares its data, said Dunkin. “That would be the preferred practice now," she said. "You are not customizing that system, you are simply using its interfaces to share the data back and forth that you need.”
In preparing for cloud migrations, agencies will need to back out of many of their customizations and change business practices. They also must come to terms with just how many custom-built systems are being managed. The sheer number of such systems can be staggering.
Jeffrey Neal, a former chief human capital officer at the Department of Homeland Security, did a HR systems survey not long before he left in 2011. He counted over 400 -- some of them homegrown systems that traced their roots back to the arrival of PCs.
“There is no reason for any agency in the federal government to have 400 systems,” said Neal, who is now senior vice president at ICF, a consulting and technology services provider.
Older IT systems are an increasing cost burden. In 2010, federal agencies spent about 68 percent of their total budget on IT operations and maintenance. This was forecasted to rise to 77 percent this year, according to a 2016 Government Accountability Office report, due in part to the increasing cost of maintaining legacy hardware and older applications.
This growth in operations and maintenance spending means less money for new technology, and is also being blamed for security weaknesses. And while the both the Obama and Trump administrations have pushed for IT modernization investments, actual appropriations for agencies have been hard to come by.
And the vendors, in their push to move users to the cloud, may face big obstacles as well.
Ray Bjorklund, president of government IT market research firm Birchgrove Consulting, believes the goals of the tech firms will clash with the reality of government. “New ideas or innovations that the executives might recommend first have to be tested against the law, budgeting processes, financing constraints and purchasing methods," he said. "There are many strict operational constraints in the federal space; violate them and [you] risk oversight scrutiny or legal action.”
A frequently-raised issue with migrations to cloud platforms is security. Much of the federal data stored in Oracle, SAP and other ERP systems is protected by laws with criminal penalties for disclosure, said Roger Baker, a former assistant secretary for information and technology and CIO at the Department of Veterans Affairs who now works as an independent consultant. Do vendors “really want to take on the liabilities implied with the storage of that information?” he asked. For now, Baker said, federal employees “hold all that liability.”
The “biggest impediment to change in federal IT are requirements written into federal law,” Baker said.
Vendors are creating government-specific clouds to deal with some of these issues, but these clouds still have their problems, said Dunkin, the former EPA CIO.
One problem is created by the federal government’s Trusted Internet Connection requirements and DHS' Einstein program, which are designed to protect networks. All civilian agency network traffic must pass through a TIC it its connecting to a cloud service.
Einstein “really interferes with effectively using cloud services because it redirects the traffic through this device,” Dunkin said. It creates problems for users inside the firewall, but especially for thoseusers outside the firewall who are trying to remotely access cloud services, such as Microsoft and Google.
Another friction point is the Federal Risk Management and Authorization Program. It standardizes security but also requires vendors to get certification to make cloud services available to the government. GSA has worked to streamline that process, but FedRAMP is “prohibitively expensive,” said Dunkin. “It really stifles innovation in the cloud.”
Despite such obstacles, if federal agencies can shift ERP from on-premise systems to cloud platforms, it might allow them to consider new vendor options.
Workday, founded in 2005, is a provider of HR and finance cloud-based software and has some 1,500 customers. It is one of the firms that has been disrupting this market. Its customers -- which include the Department of Energy's Fermi National Accelerator Laboratory -- use one common and current version of the software.
Sherry Amos, Workday's director of market development for education and government, believes federal agencies have the same opportunity as commercial customers to move to the cloud. But they must rethink their customizations, and decide whether the unique features are really justified.
“There will come a point in the not-too-distant future where all of these applications are only cloud applications,” said Amos.
Neal expects that government's core HR systems, for the foreseeable future, will be the big vendor technologies, such as Oracle HR. They are mature technologies with many business rules, and “the complexity of those systems makes it very difficult to replace them,” he said.
But Neal said he can't see agencies staying with their core on-premise HR systems forever. Oracle and PeopleSoft-type systems can interface with other services, he said. This means federal agencies can unplug one tool and use another with better pricing and features. This other tool is likely to be in the cloud.
Indeed, SAP’s SuccessFactors has federal users who are adopting some cloud-based functions, such as a talent management, which includes a range of tools that cover recruiting, performance and goal setting. So vendors will try to move federal users in incremental steps.
Oracle, in a written statement to FCW, said it continues to support on-premise software packages such as PeopleSoft, E-Business Suite and Siebel, and will do so under its lifetime support policies. “Support dates are reviewed regularly and sometimes extended, and many of our on-premises product lines have new versions in development,” the company said. Additionally, the Oracle Government Cloud “expects FedRAMP accreditation before the end of the year.”
Whatever the vendor mix, however, a smooth transition to cloud platforms is far from guaranteed.
On the one hand will be the appeal of new automations in vendor systems. These systems, for instance, will have the ability to import, analyze and report on spreadsheets “without a human having to touch it,” said Matt Richards, a managing director at KPMG. “It would dramatically change repetitive tasks in an organization,” he said.
But on the other side is federal IT itself. The U.S. government has a deep bench of technologists, creative thinkers and many open-source advocates. There is an effort underway, for instance, by more than a dozen agencies to develop AI-based personal assistants to improve access to government services.
So there may be a push for approaches that don't exactly square with the solutions and strategies of either the incumbent firms or their cloud-native challengers. “It’s not unusual for outsiders to be unaware of some of the remarkable technology innovations that have already taken root in the government—some of which are home-grown,” said Bjorklund.
Patrick Thibodeau is a freelance technology writer based in Washington, D.C.